Artifex Ghostscript vulnerabilities
168 known vulnerabilities affecting artifex/ghostscript.
Total CVEs
168
CISA KEV
1
actively exploited
Public exploits
7
Exploited in wild
3
Severity breakdown
CRITICAL23HIGH70MEDIUM73LOW2
Vulnerabilities
Page 7 of 9
CVE-2020-17538P4MEDIUMCVSS 5.5≥ 9.18, < 9.522020-08-13
CVE-2020-17538 [MEDIUM] CWE-787 CVE-2020-17538: A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software
A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2020-16301P4MEDIUMCVSS 5.5fixed in 9.522020-08-13
CVE-2020-16301 [MEDIUM] CWE-120 CVE-2020-16301: A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software Gh
A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2020-16294P4MEDIUMCVSS 5.5fixed in 9.522020-08-13
CVE-2020-16294 [MEDIUM] CWE-120 CVE-2020-16294: A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software Ghost
A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2020-16308P4MEDIUMCVSS 5.5fixed in 9.52v9.502020-08-13
CVE-2020-16308 [MEDIUM] CWE-787 CVE-2020-16308: A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScr
A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2025-59801P4MEDIUMCVSS 4.3≥ 0, < 10.06.0~dfsg-12025-09-22
CVE-2025-59801 [MEDIUM] CVE-2025-59801: In Artifex GhostXPS before 10
In Artifex GhostXPS before 10.06.0, there is a stack-based buffer overflow in xps_unpredict_tiff in xpstiff.c because the samplesperpixel value is not checked.
osv
CVE-2017-7207P4MEDIUMCVSS 5.5v9.202017-03-21
CVE-2017-7207 [MEDIUM] CWE-476 CVE-2017-7207: The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attacke
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
nvdosv
CVE-2020-16305P4MEDIUMCVSS 5.5v9.502020-08-13
CVE-2020-16305 [MEDIUM] CWE-787 CVE-2020-16305: A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software
A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2020-16300P4MEDIUMCVSS 5.5fixed in 9.522020-08-13
CVE-2020-16300 [MEDIUM] CWE-787 CVE-2020-16300: A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software Gho
A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2020-16289P4MEDIUMCVSS 5.5fixed in 9.522020-08-13
CVE-2020-16289 [MEDIUM] CWE-787 CVE-2020-16289: A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostSc
A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2020-16290P4MEDIUMCVSS 5.5fixed in 9.522020-08-13
CVE-2020-16290 [MEDIUM] CWE-787 CVE-2020-16290: A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software G
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2020-16288P4MEDIUMCVSS 5.5fixed in 9.522020-08-13
CVE-2020-16288 [MEDIUM] CWE-120 CVE-2020-16288: A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software
A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2020-16298P4MEDIUMCVSS 5.5fixed in 9.522020-08-13
CVE-2020-16298 [MEDIUM] CWE-120 CVE-2020-16298: A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Softw
A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2020-16292P4MEDIUMCVSS 5.5fixed in 9.522020-08-13
CVE-2020-16292 [MEDIUM] CWE-787 CVE-2020-16292: A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software
A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2018-16542P4MEDIUMCVSS 5.5fixed in 9.242018-09-05
CVE-2018-16542 [MEDIUM] CWE-787 CVE-2018-16542: In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insu
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.
nvdosv
CVE-2020-16287P4MEDIUMCVSS 5.5fixed in 9.522020-08-13
CVE-2020-16287 [MEDIUM] CWE-787 CVE-2020-16287: A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software G
A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv
CVE-2020-16309P4MEDIUMCVSS 5.5v9.502020-08-13
CVE-2020-16309 [MEDIUM] CWE-787 CVE-2020-16309: A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software Gh
A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51.
nvdosv
CVE-2021-45949P4MEDIUMCVSS 5.5≥ 9.50, ≤ 9.54.02022-01-01
CVE-2021-45949 [MEDIUM] CWE-787 CVE-2021-45949: Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (ca
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
nvdosv
CVE-2023-52722P4MEDIUMCVSS 5.5fixed in 10.03.12024-04-28
CVE-2023-52722 [MEDIUM] CVE-2023-52722: An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used
An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard.
nvdosv
CVE-2018-19478P4MEDIUMCVSS 5.5fixed in 9.262019-01-02
CVE-2018-19478 [MEDIUM] CWE-20 CVE-2018-19478: In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long runni
In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.
nvdosv
CVE-2020-16295P4MEDIUMCVSS 5.5fixed in 9.522020-08-13
CVE-2020-16295 [MEDIUM] CWE-476 CVE-2020-16295: A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Softwar
A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
nvdosv